Job Specifications
By combining state-of-the-art data science techniques, cutting-edge Internet of Things (IoT) technologies, and Software as a Service, we enable a more connected, intelligent and efficient supply chain. We’re creating value from massive, connected data. Our unmatched insights illuminate more than 300,000 supply chains, more than a million customers and partners, and over 300 million physical assets that are constantly on the move around the world.
CHEP is a Brambles / BXB Digital company, the global leader in supply chain logistic solutions operating through the CHEP brand. Brambles Limited is listed on the Australian Securities Exchange (ASX) and has its headquarters in Sydney, Australia. Operating in more than 60 countries, with its largest operations in North America and Western Europe, we employ more than 14,500 people and owns over 550 million pallets, crates and containers through a network of approximately 850 service centres.
DIRECTOR OF DIGITAL BUSINESS CYBER SECURITY
POSITION PURPOSE
The Data and Digital Cyber Leader will report into the global Cyber team (dotted line to Digital leadership) and be responsible for driving overall cyber security compliance across the Digital organization, partnering with the multiple Digital and Technology Service teams to ensure appropriate and effective cyber controls and compliance is achieved, across all digitally designed and run platforms, hardware, software, interfaces, and 3rd party capabilities. Effectiveness will start with developing a thorough understanding of our digital business and solutions, extend to driving evaluation and remediation efforts to improve cyber maturity across Digital solutions, and end with ensuring all new solutions and capabilities are secure by design.
This leader will take a risk-based approach to prioritization and investment, in alignment with the Board approved Cyber Strategy, and ensure choices and investment are clear with respect to cyber needs across the Digital space.
In addition, this leader will partner closely with the Global Privacy Office and Data Management teams to drive overall Data Loss Prevention and Data Protection across Corporate as a whole. This will include evaluating and implementing new people, process, and technology to better manage Data Loss Prevention at scale, and ensuring appropriate protections and controls are in place in tracking, managing, and protecting Corporate data.
With regards to Digital:
• Work closely with the Digital business globally to review, evaluate, interpret, influence, and provide leadership on proposed and enacted cyber protections and capabilities and industry-best practices in their jurisdictions.
• Act as the primary security contact, collaborating with business and IT leaders to balance risk/reward to improve security in IT applications and third-party engagements, developing deep understanding of business processes, systems, technologies, data, stakeholders and third-party partners.
• Partner with Compliance, Legal, IT resources to achieve effective working relationship that can further the effectiveness of the Information Security Program.
• Advocates for required change and continuously manages policy and standards exceptions program. Leads discussions and answers complex cross-functional policy and standards questions, forecasting best practice in policy.
• Support implementation of Governance, Risk, and Compliance (GRC) and third-party security toolset for the Digital organization. Ensures collaboration with GRC stakeholders.
• Contributes to and aligns risk programs with the NIST CSF based information security program.
With regard to Data:
• Define and drive the global Data Protection and Data Loss Prevention program to ensure all sensitive Corporate data is appropriately protected, especially when shared outside of the company.
• Engaging collaboratively with application development, data protection, information security, and risk management teams to understand and implement data security solutions.
• Supporting vendor assessments, including proof of concepts & security technologies research
• Continuously improving data protection services based on input from a diverse network of internal and external stakeholders, technology teams and security industry at large
• Support the engagement of Data Owners and Custodians within Corporate to empower decision makers to protect their data.
MEASURES
In this role, the Data and Digital Cyber lead will manage the Digital cyber posture improvement efforts, and drive compliance against Data Protection targets to be defined against a high but achievable bar for performance, risk mitigation and continuous improvement, balancing immediate priorities alongside long-term objectives.
AUTHORITY / DECISION MAKING
Within the scope of his or her objectives, duties and responsibilities, the Data and Digital Cyber Leader is authorised to develop and implement controls, policies, organizational measures, and strategic pl